System and method for securely transacting over a landline

ABSTRACT

A computing device for securely transacting over a landline is provided. The computing device is configured to receive, through a landline, from a merchant in response to a transaction request by a user, a merchant identification message including a merchant identifier, extract the merchant identifier from the merchant identification message, query a database of merchant data including a plurality of merchants and a plurality of merchant identifiers, identify, in response to the query, the merchant by matching the extracted merchant identifier against the plurality of merchant identifiers in the database, retrieve, in response to successfully identifying the merchant, a token associated with a PAN of the user, generate a token message including the token, transmit the token message to the merchant through the landline, and receive, from a payment processor, a confirmation message indicating a payment using the PAN was made in response to the merchant receiving the token.

BACKGROUND

This disclosure relates generally to security in card payments, and morespecifically, to a system and method for securely making a payment usinga payment card over a landline.

Individuals sometimes make payments remotely to, for example, a merchantor a charitable organization. Many individuals prefer to make theseremote payments using a landline telephone due to the familiarity andsimplicity of use of the landline telephone. To make such remotepayments, the individual may use a payment card, for example, byproviding a primary account number (PAN) associated with the paymentcard to the merchant or charitable organization. Making a remote paymentusing a landline requires the individual to verbally read the PAN to arepresentative through the telephone. However, making a payment in thismanner may provide a fraudster an opportunity to steal the PAN.

For example, a party purporting to be a merchant or charitableorganization may in fact be a fraudster. Because an individual making apayment over a landline cannot determine the identity of the one withwhom the individual is talking with certainty, the individual mayprovide the PAN to an unintended party. For example, an individualbelieving the fraudster to be a representative of a legitimate merchantor charitable organization may provide a PAN to the fraudster.

Even if the merchant or charitable organization is legitimate, it ispossible for the PAN to be intercepted by a fraudster while beingtransmitted from the individual to the merchant or charitableorganization. For example, because the individual making the paymentmust read the PAN aloud to communicate the PAN to the merchant orcharitable organization over the landline, a fraudster may overhear thePAN at either end of the landline.

At least some known systems use security measures such as tokenizationand encryption to prevent the compromising of a PAN during transmissionfrom an individual making a payment to the party receiving the payment.However, current systems do not allow for these security measures to beused when making a payment over a landline. It is therefore desirablefor a system to enable a more secure transaction over a landline.

BRIEF DESCRIPTION

In one aspect, a computing device for securely transacting over alandline is provided. The computing device includes at least oneprocessor and a memory device in communication with the at least oneprocessor. The at least one processor is configured to receive, througha landline, from a merchant in response to a transaction request by auser, a merchant identification message including a merchant identifier.The at least one processor is further configured to extract the merchantidentifier from the merchant identification message. The at least oneprocessor is further configured to query a database of merchant dataincluding a plurality of merchants and a plurality of merchantidentifiers, wherein each of the plurality of merchant identifierscorresponds to one of the plurality of merchants. The at least oneprocessor is further configured to identify, in response to the query,the merchant by matching the extracted merchant identifier against theplurality of merchant identifiers in the database. The at least oneprocessor is further configured to retrieve, in response to successfullyidentifying the merchant, a token associated with a primary accountnumber (PAN) of the user. The at least one processor is furtherconfigured to generate a token message including the token. The tokenmessage is transmittable through the landline. The at least oneprocessor is further configured to transmit the token message to themerchant through the landline. The at least one processor is furtherconfigured to receive, from a payment processor, a confirmation messageindicating a payment using the PAN was made in response to the merchantreceiving the token.

In another aspect, a computer-implemented method for securelytransacting over a landline is provided. The computer-implemented methodis implemented by a tokenization, analysis, and encryption (TAE)computing device including at least one processor in communication witha memory device. The computer-implemented method includes receiving, bythe TAE computing device, through a landline, from a merchant inresponse to a transaction request by a user, a merchant identificationmessage including a merchant identifier. The computer-implemented methodalso includes extracting, by the TAE computing device, the merchantidentifier from the merchant identification message. Thecomputer-implemented method also includes querying, by the TAE computingdevice, a database of merchant data including a plurality of merchantsand a plurality of merchant identifiers, wherein each of the pluralityof merchant identifiers corresponds to one of the plurality ofmerchants. The computer-implemented method also includes identifying, bythe TAE computing device, in response to the query, the merchant bymatching the extracted merchant identifier against the plurality ofmerchant identifiers in the database. The computer-implemented methodalso includes retrieving, by the TAE computing device, in response tosuccessfully identifying the merchant, a token associated with a primaryaccount number (PAN) of the user. The computer-implemented method alsoincludes generating, by the TAE computing device, a token messageincluding the token. The token message is transmittable through thelandline. The computer-implemented method also includes transmitting, bythe TAE computing device, the token message to the merchant through thelandline. The computer-implemented method also includes receiving, bythe TAE computing device, from a payment processor, a confirmationmessage indicating a payment using the PAN was made in response to themerchant receiving the token.

In yet another aspect, a non-transitory computer-readable media havingcomputer-executable instructions embodied thereon is provided. Whenexecuted by a tokenization, analysis, and encryption (TAE) computingdevice including at least one processor in communication with a memorydevice, the computer-readable instructions cause the TAE computingdevice to receive, through a landline, from a merchant in response to atransaction request by a user, a merchant identification messageincluding a merchant identifier. The computer-readable instructionsfurther cause the TAE computing device to extract the merchantidentifier from the merchant identification message. Thecomputer-readable instructions further cause the TAE computing device toquery a database of merchant data including a plurality of merchants anda plurality of merchant identifiers, wherein each of the plurality ofmerchant identifiers corresponds to one of the plurality of merchants.The computer-readable instructions further cause the TAE computingdevice to identify, in response to the query, the merchant by matchingthe extracted merchant identifier against the plurality of merchantidentifiers in the database. The computer-readable instructions furthercause the TAE computing device to retrieve, in response to successfullyidentifying the merchant, a token associated with a primary accountnumber (PAN) of the user. The computer-readable instructions furthercause the TAE computing device to generate a token message including thetoken. The token message is transmittable through the landline. Thecomputer-readable instructions further cause the TAE computing device totransmit the token message to the merchant through the landline. Thecomputer-readable instructions further cause the TAE computing device toreceive, from a payment processor, a confirmation message indicating apayment using the PAN was made in response to the merchant receiving thetoken.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic diagram illustrating an example multi-partypayment processing system for enabling secure payment-by-cardtransactions over a landline.

FIG. 2 is a data flow diagram illustrating an example data flow amongelements of the system shown in FIG. 1.

FIG. 3 illustrates an example configuration of a client system that maybe used in the system shown in FIG. 1, in accordance with an embodimentof the present disclosure.

FIG. 4 illustrates an example configuration of a server system that maybe used in the system shown in FIG. 1, in accordance with an embodimentof the present disclosure.

FIG. 5 shows a diagram of components of an example computing device thatmay be used in the system shown in FIG. 1.

FIG. 6 is a flowchart illustrating an example method for securelytransacting over a landline.

DETAILED DESCRIPTION

The following detailed description illustrates embodiments of thedisclosure by way of example and not by way of limitation. Thedescription enables one skilled in the art to make and use thedisclosure, describes several embodiments, adaptations, variations,alternatives, and uses of the disclosure, including what is presentlybelieved to be the best mode of carrying out the disclosure. Thedisclosure is described as applied to an example embodiment, namely,systems and methods utilizing a tokenization, analysis, and encryption(TAE) computing device. The TAE computing device may be in communicationwith a payment processor computing device and a tokenization servercomputing device.

The TAE computing device includes a processor in communication with amemory. The TAE computing device is further in communication with atleast one database for storing information, such as merchant data. TheTAE computing device is further in communication with a landlinetelephone device such that the TAE computing device can communicate withat least one merchant computing device over a landline. When a telephonecall is connected between the merchant computing device and the landlinetelephone device, information (e.g., audio signals) can be transferredbetween the landline telephone device and the merchant computing device.For example, a user may use the landline telephone device to speak witha merchant representative who is using the merchant computing device.Because the TAE computing device is communicatively coupled to thelandline telephone device, the TAE computing device may receive andanalyze audio signals (e.g., speech, frequency shift keying (FSK)signals, or touchtone signals) transmitted over the landline by themerchant computing device.

In the example embodiment, the TAE computing device is configured toreceive a merchant identification message including a merchantidentifier. The merchant identifier may be a unique identifier (e.g., anumber or alphanumeric code) associated with the merchant. The merchantcomputing device may generate the merchant identification message byencrypting the merchant identifier into an audio signal that can betransmitted over the land line. For example, the merchant identifier maybe encrypted using FSK, where the merchant identifier is converted todigital (e.g., binary) values, and each digital value is assigned anaudio frequency. A sequence of audio frequencies corresponding to thedigital values of the merchant identifier may then be transmitted overthe landline. The TAE computing device may then receive the sequence ofaudio frequencies. In another example, the merchant identifier may beencrypted as dual-tone multi-frequency (DTMF) signals (e.g., touchtonesignals). The merchant identifier may be converted to number valuescorresponding to touchtone digits, each with an associated two-frequencyaudio signal (e.g., each touchtone digit has a unique combination offrequencies). A sequence of touchtone signals corresponding to thedigits of the merchant identifier may then be transmitted over thelandline. The TAE computing device may then receive the sequence oftouchtone signals. In other examples, the merchant identificationmessage may be another type of audio signal (e.g., natural orsynthesized speech) that can be interpreted by the TAE computing device.

The TAE computing device is further configured to extract the merchantidentifier from the merchant identification message. For example, inembodiments where the merchant identification message uses an FSKprotocol, the TAE computing device may analyze each frequency of areceived sequence of audio frequencies to determine a sequence ofdigital (e.g., binary) values corresponding to the received sequence offrequencies. The TAE computing device may then decrypt the determinedbinary sequence to extract the merchant identifier. In another example,in embodiments where the merchant identification message uses atouchtone protocol, the TAE computing device may analyze each touchtonesignal of a received sequence of touchtone signals to determine asequence of digits corresponding to the received sequence of touchtonesignals. The TAE computing device may then decrypt the determinedsequence of digits to extract the merchant identifier.

The TAE computing device may be further configured to query a databasebased on the extracted merchant identifier. The database includesmerchant data including a plurality of merchant names and a plurality ofmerchant identifiers, where each merchant identifier is associated witha merchant name. Each merchant name and corresponding merchantidentifier may correspond to a merchant deemed to be legitimate. Forexample, the merchant data may include only the names of merchants andcharitable organizations that have enrolled in the system or otherwisebeen verified. The database may be associated with, for example, apayment processor or another entity managing the system.

The TAE computing device is further configured to identify the merchantbased on the result from the query. If the extracted merchant identifiermatches one of the plurality of merchant identifiers, the TAE computingdevice may determine (i) that the merchant from which the identifier wasreceived is legitimate and (ii) the merchant name associated with themerchant. In certain embodiments, the TAE computing device may displaythe merchant name associated with the extracted merchant identifier,enabling the user to verify the identity of the merchant in real time.

The TAE computing device is further configured to retrieve a token. Thetoken may be retrieved automatically in response to successfullyidentifying the merchant associated with extracted merchant identifier.The token may correspond to a primary account number (PAN) associatedwith a payment card of the user. The token and associated PAN may beknown by a payment processor, such that a payment processor receivingthe token can determine the PAN associated with the token. The token mayexpire, for example, after one use, so that the token cannot be used tomake additional purchases if a fraudster were to intercept the token.The token may be generated, for example, by a token server incommunication with the TAE computing device and the payment processor.When a token is received by the payment processor, the payment processormay communicate with the token server to determine the PAN correspondingto the token. In certain embodiments, the token server may be associatedwith the payment processor. In alternative embodiments, the token may begenerated by the TAE computing device and communicated to the paymentprocessor prior to or during the transaction.

The TAE computing device is further configured to generate a tokenmessage including the token. The token message may be formatted suchthat it may be transmitted over the landline (e.g., as an audio signal).For example, the token message may use an FSK protocol. The TAEcomputing device may encrypt the token into a sequence of digital (e.g.,binary) values, where each binary value corresponds to an audiofrequency. In another example, the token message may use a touchtoneprotocol. The TAE computing device may encrypt the token into a sequenceof digits, where each digit corresponds to a touchtone signal (e.g.,each digit has a unique combination of frequencies). In other examples,the token message may be another type of audio signal (e.g., natural orsynthesized speech) that can be interpreted by the merchant computingdevice. In some embodiments, the TAE computing device may encrypt thetoken multiple times for additional security. For example, the token maybe encrypted into an alternative numeric or alphanumeric value using anencryption protocol before being encrypted into an audio signal. Theencrypted token may be decrypted by, for example, the payment processor,so that the merchant is not exposed to the token in an unencrypted form.

The TAE computing device is further configured to transmit the tokenmessage to the merchant through a landline. For example, the TAEcomputing device may generate an audio signal corresponding to the tokenmessage using a loudspeaker. The audio signal may be received by amicrophone of a receiver of the landline telephone device andtransmitted over the landline. In another example, the TAE computingdevice and the landline telephone device are capable of wireless digitalcommunication (e.g., using Bluetooth). The TAE computing device maytransmit the token message to the landline telephone device as a digitalaudio signal (e.g., using a Bluetooth protocol). The landline computingdevice may then convert the digital audio signal to an analog audiosignal (e.g., corresponding to an FSK or touchtone signal) to transmitthe analog audio signal over the landline.

The merchant computing device may receive the audio signal transmittedover the landline corresponding to the token message. The merchantcomputing device may extract the token from the token message bydecrypting the token message. The merchant computing device may then usethe token to initiate a payment card transaction. The merchant computingdevice may communicate with the payment processor (e.g., through amerchant bank or third party processor). The payment processor mayaccess the token server to determine the PAN associated with the token.Thus, the transaction may be completed without the PAN beingcommunicated over the landline.

The TAE computing device is further configured to receive a confirmationmessage. The message may be generated and transmitted, for example, bythe payment processor. The message may include, for example, a merchantname and payment amount associated with the transaction. In certainembodiments, the TAE computing device may display the received merchantname and payment amount, enabling the user to verify the merchant andpayment amount in real time.

The technical problems addressed by the disclosure include at least oneof: (i) inability of a user to verify in real time the identity of amerchant with whom the user is speaking during a landline telephonecall; (ii) necessity of a user to verbally read the user's primaryaccount number (PAN) during a telephone call in order to use a paymentcard to make a payment over the telephone; (iii) inability to tokenizeand/or encrypt a PAN being communicated over a landline; and (iv)inability to verify a merchant and payment amount in real time for apayment made through a landline telephone call.

The technical effects achieved by the systems and methods describedherein include at least one of: (i) receiving, through a landline, froma merchant in response to a transaction request by a user, a merchantidentification message including a merchant identifier; (ii) extractingthe merchant identifier from the merchant identification message; (iii)querying a database of merchant data including a plurality of merchantsand a plurality of merchant identifiers, wherein each of the pluralityof merchant identifiers corresponds to one of the plurality ofmerchants; (iv) identifying, in response to the query, the merchant bymatching the received merchant identifier against the plurality ofmerchant identifiers in the database; (v) retrieving, in response tosuccessfully identifying the merchant, a token associated with a PAN ofthe user; (vi) generating a token message including the token, the tokenmessage transmittable through the landline; (vii) transmitting the tokenmessage to the merchant through the landline; and (viii) receiving, froma payment processor, a confirmation message indicating a payment usingthe PAN was made in response to the merchant receiving the token.

The resulting technical benefits achieved by the systems and methods ofthe disclosure include at least one of: (i) enabling a user to verify inreal time the identity of a merchant with whom the user is speakingduring a landline telephone call; (ii) enabling a user to make a cardpayment through a landline telephone call without requiring the user toverbally read the user's primary account number (PAN) during the call;(iii) enabling tokenization and/or encryption of a PAN beingcommunicated over a landline; and (iv) enabling a user to verify amerchant and payment amount in real time for a payment made through alandline telephone call.

As used herein, the terms “transaction card,” “financial transactioncard,” and “payment card” refer to any suitable transaction card, suchas a credit card, a debit card, a prepaid card, a charge card, amembership card, a promotional card, a frequent flyer card, anidentification card, a gift card, and/or any other device that may holdpayment account information, such as mobile phones, Smartphones,personal digital assistants (PDAs), key fobs, and/or computers. Eachtype of transactions card can be used as a method of payment forperforming a transaction.

In one embodiment, a computer program is provided, and the program isembodied on a computer readable medium. In an example embodiment, thesystem is executed on a single computer system, without requiring aconnection to a server computer. In a further example embodiment, thesystem is being run in a Windows® environment (Windows is a registeredtrademark of Microsoft Corporation, Redmond, Wash.). In yet anotherembodiment, the system is run on a mainframe environment and a UNIX®server environment (UNIX is a registered trademark of X/Open CompanyLimited located in Reading, Berkshire, United Kingdom). In a furtherembodiment, the system is run on an iOS® environment (iOS is aregistered trademark of Cisco Systems, Inc. located in San Jose,Calif.). In yet a further embodiment, the system is run on a Mac OS®environment (Mac OS is a registered trademark of Apple Inc. located inCupertino, Calif.). The application is flexible and designed to run invarious different environments without compromising any majorfunctionality. In some embodiments, the system includes multiplecomponents distributed among a plurality of computing devices. One ormore components are in the form of computer-executable instructionsembodied in a computer-readable medium. The systems and processes arenot limited to the specific embodiments described herein. In addition,components of each system and each process can be practicedindependently and separately from other components and processesdescribed herein. Each component and process can also be used incombination with other assembly packages and processes.

In one embodiment, a computer program is provided, and the program isembodied on a computer readable medium and utilizes a Structured QueryLanguage (SQL) with a client user interface front-end for administrationand a web interface for standard user input and reports. In anotherembodiment, the system is web enabled and is run on a business-entityintranet. In yet another embodiment, the system is fully accessed byindividuals having an authorized access outside the firewall of thebusiness-entity through the Internet. In a further embodiment, thesystem is being run in a Windows® environment (Windows is a registeredtrademark of Microsoft Corporation, Redmond, Wash.). The application isflexible and designed to run in various different environments withoutcompromising any major functionality.

As used herein, an element or step recited in the singular and precededwith the word “a” or “an” should be understood as not excluding pluralelements or steps, unless such exclusion is explicitly recited.Furthermore, references to “example embodiment” or “one embodiment” ofthe present disclosure are not intended to be interpreted as excludingthe existence of additional embodiments that also incorporate therecited features.

As used herein, the term “database” may refer to either a body of data,a relational database management system (RDBMS), or to both. A databasemay include any collection of data including hierarchical databases,relational databases, flat file databases, object-relational databases,object oriented databases, and any other structured collection ofrecords or data that is stored in a computer system. The above examplesare for example only, and thus are not intended to limit in any way thedefinition and/or meaning of the term database. Examples of RDBMS'sinclude, but are not limited to including, Oracle® Database, MySQL, IBM®DB2, Microsoft® SQL Server, Sybase®, and PostgreSQL. However, anydatabase may be used that enables the systems and methods describedherein. (Oracle is a registered trademark of Oracle Corporation, RedwoodShores, Calif.; IBM is a registered trademark of International BusinessMachines Corporation, Armonk, N.Y.; Microsoft is a registered trademarkof Microsoft Corporation, Redmond, Wash.; and Sybase is a registeredtrademark of Sybase, Dublin, Calif.).

The term processor, as used herein, may refer to central processingunits, microprocessors, microcontrollers, reduced instruction setcircuits (RISC), application specific integrated circuits (ASIC), logiccircuits, and any other circuit or processor capable of executing thefunctions described herein.

As used herein, the terms “software” and “firmware” are interchangeable,and include any computer program stored in memory for execution by aprocessor, including RAM memory, ROM memory, EPROM memory, EEPROMmemory, and non-volatile RAM (NVRAM) memory. The above memory types arefor example only, and are thus not limiting as to the types of memoryusable for storage of a computer program.

FIG. 1 is a schematic diagram illustrating an example system 120 forenabling payment-by-card transactions. FIG. 2 is a data flow diagramillustrating an example data flow 200 among elements of the system shownin FIG. 1. Embodiments described herein may relate to a transaction cardsystem, such as a credit card payment system using the Mastercard®interchange network. The Mastercard® interchange network is a set ofproprietary communications standards promulgated by MastercardInternational Incorporated® for the exchange of financial transactiondata and the settlement of funds between financial institutions that aremembers of Mastercard International Incorporated®. (Mastercard is aregistered trademark of Mastercard International Incorporated located inPurchase, N.Y.).

As described with respect to system 120, a financial institution calledthe “issuer” 130 issues a transaction card or electronic paymentsaccount identifier, such as a credit card or debit card associated withuser account 132, to a consumer, cardholder, or user 122, who uses thetransaction card to tender payment for a purchase from a merchant 124.

In example embodiments, user 122 may use the transaction card to tenderpayment over a landline telephone call, where user 122 communicates viaan audio signal 202 through a landline telephone device 134 connected toa merchant computing device 136 via a landline 138. A tokenization,analysis, and encryption (TAE) device 140 may be in communication withlandline telephone device 134 such that TAE computing device 140 iscapable of receiving and transmitting, or causing landline telephonedevice 134 to transmit, audio signals to merchant computing device 136via landline 138. TAE computing device 140 enables user 122 to verifythe identity of merchant 124 and securely tender payment using the useraccount 132 (e.g., the transaction card) over landline 138. In responseto user 122 tendering payment, merchant computing device 136 maytransmit a merchant identification message 204 including a merchantidentifier via landline 138, for example, using FSK, DTMF, or anothersuitable method as discussed in more detail below. TAE computing device140 may receive merchant identification message 204 due to itsconnection to landline telephone device 134, and may extract, from themerchant identification message 204, the merchant identifier. TAEcomputing device may query 206 a database 142 based on the extractedmerchant identifier. The database 142 includes merchant data including aplurality of merchant names and a plurality of merchant identifiers.Each merchant identifier corresponds to one of the plurality ofmerchants. Query 206 may return 208 the name of merchant 124 fromdatabase 142 by comparing the received merchant identifier to theplurality of merchant identifiers. Thus, TAE computing device 140 mayenable user 122 to confirm the identity of merchant 124 in real time andverify that merchant 124 is legitimate.

In the example embodiment, in response to successfully identifyingmerchant 124 as a merchant in the database, TAE computing device 140 maytransmit a request 210 to retrieve a token 212 from token server 144.Token 212 may be associated with a primary account number (PAN) 220associated with a payment card of user 122. Token 212 and associated PAN220 may be known by interchange network 128, such that interchangenetwork 128 can determine the PAN 220 associated with token 212 uponreceiving token 212. Token 212 may expire, for example, after one use,so that token 212 cannot be used to make additional purchases if afraudster were to intercept token 212. Token 212 may be generated, forexample, by token server 144 in communication with TAE computing device140 and interchange network 128. When token 212 is subsequently receivedby interchange network 128 from merchant 124 in connection with apayment transaction message submitted over interchange network 128,interchange network 128 may communicate with token server 144 todetermine the PAN corresponding to token 212, and may apply PAN 220 tothe payment transaction.

In response to obtaining token 212 from token server 144, TAE computingdevice 140 may generate a token message 214 including token 212. Tokenmessage 214 may be formatted using a protocol that can be transmittedvia landline 138. TAE computing device 140 may transmit token message214 to merchant computing device 136 via landline 138 (e.g., as an audiosignal). For example, token message 214 may use an FSK protocol. TAEcomputing device 140 may encrypt token 212 into a sequence of digital(e.g., binary) values, where each binary value corresponds to an audiofrequency. In another example, token message 214 may use a touchtoneprotocol. TAE computing device 140 may encrypt token 212 into a sequenceof digits, where each digit corresponds to a touchtone signal (e.g.,each digit has a unique combination of frequencies). In other examples,token message 214 may be another type of audio signal (e.g., natural orsynthesized speech) that can be interpreted by merchant computing device136. In some embodiments, TAE computing device 140 may encrypt token 212multiple times for additional security. For example, token 212 may beencrypted into an alternative numeric or alphanumeric value using anencryption protocol before being encrypted into an audio signal. Theencrypted token 212 may be decrypted by, for example, interchangenetwork 128, so that merchant 124 is not exposed to token 212 in anunencrypted form.

In the example embodiment, TAE computing device 140 may be furtherconfigured to transmit token message 214 to merchant computing device136 through landline 138. For example, TAE computing device 140 maygenerate an audio signal corresponding to token message 214 using aloudspeaker (not shown). The audio signal may be received by amicrophone of a receiver of landline telephone device 134 andtransmitted over landline 138. In another example, TAE computing device140 and landline telephone device 134 are capable of wireless digitalcommunication (e.g., using Bluetooth). TAE computing device 140 maytransmit token message 214 to landline telephone device 134 as a digitalaudio signal (e.g., using a Bluetooth protocol). Landline telephonedevice 134 may then convert the digital audio signal to an analog audiosignal (e.g., a FSK or touchtone signal) to transmit the analog audiosignal over the landline. Thus, user 122 need not verbally communicatetransaction card or other information associated with user account 132(e.g., PAN 220) over landline 138, preventing such information frombeing overheard or otherwise intercepted.

To accept payment with the transaction card, merchant 124 must normallyestablish an account with a financial institution that is part of thefinancial payment system. This financial institution, designated asmerchant bank 126 in FIG. 1, is usually called the “merchant bank,” the“acquiring bank,” or the “acquirer.” When user 122 tenders payment for apurchase with a transaction card, merchant 124 requests authorizationfrom merchant bank 126 for the amount of the purchase. The request maybe performed over the telephone, but is usually performed through theuse of a point-of-sale (POS) terminal in communication with merchantcomputing device 136. Merchant computing device 136 receives tokenmessage 214 from TAE computing device 140, extracts token 212 from tokenmessage 214, and electronically transmits token 212 to transactionprocessing computers of merchant bank 126. Alternatively, merchant bank126 may authorize a third party to perform transaction processing on itsbehalf. In this case, the POS terminal will be configured to communicatewith the third party. Such a third party is usually called a “merchantprocessor,” an “acquiring processor,” or a “third party processor.”Merchant bank 126 or other merchant processor may include token 212 inan authorization request message 216 and transmit it to a server 129 ofan interchange network 128, for example, using the proprietarycommunication protocol of interchange network 128.

In response to authorization request message 216, one or more servers129 of interchange network 128 may query 218 token server 144 toretrieve the PAN 220 of user account 132 associated with token 212. Inresponse to successfully retrieving PAN 220 of user account 132, theserver 129 communicates with computers of issuer bank 130 to determinewhether user account 132 associated with user 122 and identified byretrieved PAN 220 is in good standing and whether the purchase iscovered by an available credit line of user account 132. For example,the server 129 of interchange network 128 modifies the authorizationrequest message 216 by substituting retrieved PAN 220 for token 212, andforwards the authorization request message 216 to issuer bank 130.Accordingly, PAN 220 never appears on the merchant side of thetransaction.

Based on the determination by issuer bank 130, the request forauthorization will be declined or accepted in an authorization responsemessage 224 forwarded by interchange network 128 from issuer bank 130 tomerchant bank 126, and on to merchant computing device 136. If therequest is accepted, an authorization code is issued to merchant 124 viaauthorization response message 224. In certain embodiments, aconfirmation message 222 including the name of merchant 124 andtransaction amount may be transmitted to TAE computing device 140 inresponse to the acceptance or declining of the authorization request.TAE computing device 140 may display the merchant name and transactionamount to user 122, enabling user 122 to verify the merchant andtransaction amount in real time.

When a request for authorization is accepted, the available credit lineof user account 132 is decreased. Normally, a charge for a payment cardtransaction is not posted immediately to user account 132 becausebankcard associations, such as Mastercard International Incorporated®,have promulgated rules that do not allow merchant 124 to charge, or“capture,” a transaction until goods are shipped or services aredelivered. However, with respect to at least some debit cardtransactions, a charge may be posted at the time of the transaction.When merchant 124 ships or delivers the goods or services, merchant 124captures the transaction by, for example, appropriate data entryprocedures on the point-of-sale terminal. This may include bundling ofapproved transactions daily for standard retail purchases. If user 122cancels a transaction before it is captured, a “void” is generated. Ifuser 122 returns goods after the transaction has been captured, a“credit” is generated. Interchange network 128 and/or issuer bank 130stores the transaction information, such as an identifier of useraccount 132, a category of merchant, a merchant identifier, a locationwhere the transaction was completed, amount of purchase, and date andtime of the transaction in a database.

After a purchase has been made, a clearing process occurs to transferadditional transaction data related to the purchase among the parties tothe transaction, such as merchant bank 126, interchange network 128, andissuer bank 130. More specifically, during and/or after the clearingprocess, additional data, such as a time of purchase, a merchant name, atype of merchant, purchase information, cardholder account information,a type of transaction, itinerary information, information regarding thepurchased item and/or service, and/or other suitable information, isassociated with a transaction and transmitted between parties to thetransaction as transaction data, and may be stored by any of the partiesto the transaction.

For debit card transactions, when a request for a personalidentification number (PIN) authorization is approved by the issuer,user account 132 is decreased. Normally, a charge is posted immediatelyto user account 132. The payment card association then transmits theapproval to the acquiring processor for distribution of goods/servicesor information, or cash in the case of an automated teller machine(ATM).

After a transaction is authorized and cleared, the transaction issettled among merchant 124, merchant bank 126, and issuer bank 130.Settlement refers to the transfer of financial data or funds amongmerchant bank 126, issuer bank 130, and merchant 124 related to thetransaction. Usually, transactions are captured and accumulated into a“batch,” which is settled as a group. More specifically, a transactionis typically settled between issuer bank 130 and interchange network128, and then between interchange network 128 and merchant bank 126, andthen between merchant bank 126 and merchant 124.

In one embodiment, the one or more servers 129 of interchange network128 includes a database server that is communicatively coupled todatabase 142 for storing data. In an exemplary embodiment, database 142stores merchant data including a plurality of merchant names and aplurality of merchant identifiers, where each merchant identifiercorresponds to one of the plurality of merchant names. According to theexemplary embodiment, database 142 is disposed remotely from interchangenetwork 128. In other embodiments, database 142 is decentralized, or maybe a portion of interchange network 128. In the exemplary embodiment,TAE computing device 140 is able to access database 142 by logging ontointerchange network 128. In the example embodiment, interchange network128 may be associated with a payment processor.

One or more point-of-sale (POS) systems (e.g., merchant computing device136) may be communicatively coupled with the interchange network 128.Merchant computing device 136 may include, without limitation,components that accept card swipes, online payment portals, digitalwallet payments, or stored payment card numbers for recurringtransactions.

In an example embodiment, TAE computing device 140 may becommunicatively coupled (e.g., either directly or indirectly) tointerchange network 128 and landline telephone device 134 such that TAEcomputing device 140 can communicate with at least one merchantcomputing device such as merchant computing device 136 over landline138. When a telephone call is connected between the merchant computingdevice and the landline telephone device, information (e.g., audiosignal 202) can be transferred between landline telephone device 134 andmerchant computing device 136. For example, user 122 may use landlinetelephone device 134 to speak with a merchant representative who isusing merchant computing device 136. Because TAE computing device 140 iscommunicatively coupled to landline telephone device 134, TAE computingdevice 140 may receive and analyze audio signals (e.g., speech,frequency shift keying (FSK) signals, or touchtone signals) transmittedover landline 138 by merchant computing device 136.

In the example embodiment, TAE computing device 140 is configured toreceive merchant identification message 204 including a merchantidentifier. The merchant identifier may be a unique identifier (e.g., anumber or alphanumeric code) associated with the merchant. Merchantcomputing device 136 may generate merchant identification message 204 byencrypting the merchant identifier into an audio signal that can betransmitted over the land line. For example, the merchant identifier maybe encrypted using FSK, where the merchant identifier is converted todigital (e.g., binary) values, and each digital value is assigned anaudio frequency. A sequence of audio frequencies corresponding to thedigital values of the merchant identifier may then be transmitted overthe landline. TAE computing device 140 may then receive the sequence ofaudio frequencies. In another example, the merchant identifier may beencrypted as dual-tone multi-frequency (DTMF) signals (e.g., touchtonesignals). The merchant identifier may be converted to number valuescorresponding to touchtone digits, each with an associated two-frequencyaudio signal (e.g., each touchtone digit has a unique combination offrequencies). A sequence of touchtone signals corresponding to thedigits of the merchant identifier may then be transmitted over thelandline. TAE computing device 140 may then receive the sequence oftouchtone signals. In other examples, merchant identification message204 may be another type of audio signal (e.g., natural or synthesizedspeech) that can be interpreted by TAE computing device 140.

In the example embodiment, TAE computing device 140 may further beconfigured to extract the merchant identifier from merchantidentification message 204. For example, in embodiments where merchantidentification message 204 uses an FSK protocol, TAE computing device140 may analyze each frequency of a received sequence of audiofrequencies to determine a sequence of digital (e.g., binary) valuescorresponding to the received sequence of frequencies. TAE computingdevice 140 may then decrypt the determined binary sequence to extractthe merchant identifier. In another example, in embodiments wheremerchant identification message 204 uses a touchtone protocol, TAEcomputing device 140 may analyze each touchtone signal of a receivedsequence of touchtone signals to determine a sequence of digitscorresponding to the received sequence of touchtone signals. TAEcomputing device 140 may then decrypt the determined sequence of digitsto extract the merchant identifier.

In the example embodiment, computing devices associated with one of user122 (e.g., TAE computing device 140), merchant 124 (e.g., merchantcomputing device 136), merchant bank 126, and/or issuer bank 130 may bereferred to herein as client systems. In some embodiments, clientsystems include computers configured to implement a web browser or asoftware application, which enables client systems to access a serversystem (e.g., interchange network 128) using the Internet. Clientsystems may be communicatively coupled to the Internet through manyinterfaces including, but not limited to, at least one of a network,such as the Internet, a local area network (LAN), a wide area network(WAN), or an integrated services digital network (ISDN), adial-up-connection, a digital subscriber line (DSL), a cellular phoneconnection, and a cable modem. Alternatively, client systems include anydevice capable of accessing the Internet including, but not limited to,a desktop computer, a laptop computer, a personal digital assistant(PDA), a cellular phone, a smartphone, a tablet, a phablet, or otherweb-based connectable equipment.

FIG. 3 illustrates an example configuration of a client system 300 inaccordance with one embodiment of the present disclosure. In the exampleembodiment, client system 300 includes at least one user computingdevice 302, operated by a user 301. User 301 may include, but is notlimited to, user 122 (shown in FIG. 1). User computer device 302 mayinclude, but is not limited to, TAE computing device 140. User computerdevice 302 includes a processor 305 for executing instructions, and amemory area 310. In some embodiments, executable instructions are storedin memory area 310. Processor 305 may, for example, include one or moreprocessing units (e.g., in a multi-core configuration). Memory area 310may, for example, be any device allowing information such as executableinstructions and/or transaction data to be stored and retrieved. Memoryarea 310 may further include one or more computer readable media.

In the example embodiment, user computer device 302 further includes atleast one media output component 315 for presenting information to user301. Media output component 315 may, for example, be any componentcapable of converting and conveying electronic information to user 301.For example, media output component 315 may be a display componentconfigured to display component lifecycle data in the form of reports,dashboards, communications, and the like In some embodiments, mediaoutput component 315 includes an output adapter (not shown), such as avideo adapter and/or an audio adapter, which is operatively coupled toprocessor 305 and operatively connectable to an output device (also notshown), such as a display device (e.g., a cathode ray tube (CRT), liquidcrystal display (LCD), light emitting diode (LED) display, or“electronic ink” display) or an audio output device (e.g., a speaker orheadphones).

In some embodiments, media output component 315 is configured to includeand present a graphical user interface (not shown), such as a webbrowser and/or a client application, to user 301. The graphical userinterface may include, for example, an online store interface forviewing and/or purchasing items, and/or a wallet application formanaging payment information. In some embodiments, user computer device302 includes an input device 320 for receiving input from user 301. User301 may use input device 320 to, without limitation, select and/or enterone or more items to purchase and/or a purchase request, or to accesscredential information, and/or payment information. Input device 320 mayinclude, for example, a keyboard, a pointing device, a mouse, a stylus,a touch sensitive panel, a touch pad, a touch screen, a gyroscope, anaccelerometer, a position detector, an audio input device, a fingerprintreader/scanner, a palm print reader/scanner, a iris reader/scanner, aretina reader/scanner, a profile scanner, or the like. A singlecomponent such as a touch screen may function as both an output deviceof media output component 315 and input device 320. User computingdevice 302 may also include a communication interface 325, which iscommunicatively connectable to a remote device such as interchangenetwork 128 (shown in FIG. 1). Communication interface 325 may include,for example, a wired or wireless network adapter or a wireless datatransceiver for use with a mobile phone network (e.g., Global System forMobile communications (GSM), 3G, 4G or Bluetooth) or other mobile datanetwork (e.g., Worldwide Interoperability for Microwave Access (WIMAX)).

Stored in memory area 310 are, for example, computer readableinstructions for providing a user interface to user 301 via media outputcomponent 315 and, optionally, receiving and processing input from inputdevice 320. A user interface may include, among other possibilities, aweb browser, and client application. Web browsers enable users, such asuser 301, to display and interact with media and other informationtypically embedded on a web page or a website from interchange network128. A client application allows user 301 to interact with a serverapplication from interchange network 128. For example, instructions maybe stored by a cloud service, and the output of the execution of theinstructions sent to the media output component 315.

Processor 305 executes computer-executable instructions for implementingaspects of the disclosure. In some embodiments, the processor 305 istransformed into a special purpose microprocessor by executingcomputer-executable instructions or by otherwise being programmed. Forexample, the processor 305 may be programmed with computer-executableinstructions such that it may execute the methods as discussed above andillustrated in FIG. 6, below.

In exemplary embodiments, processor 305 may include and/or becommunicatively coupled to one or more modules for implementing thesystems and methods described herein. For example, processor 305 mayinclude a decryption module 330 for receiving, through a landline (e.g.,landline 138 shown in FIG. 1), from a merchant (e.g., merchant 124 shownin FIG. 1) in response to transaction request (e.g., audio signal 202)by a user (e.g., user 122 shown in FIG. 1), merchant identificationmessage 204 including a merchant identifier, and extracting the merchantidentifier from merchant identification message 204. Processor 305 mayalso include a comparing module 332 for querying a database (e.g.,database 142 of FIG. 1) of merchant data including a plurality ofmerchants and a plurality of merchant identifiers, wherein each of theplurality of merchant identifiers corresponds to one of the plurality ofmerchants, and identifying, in response to the query, the merchant bymatching the extracted merchant identifier against the plurality ofmerchant identifiers in the database. Processor 305 may also include anencryption module 334 for generating token message 214, transmittablethrough the landline including token 212, and transmitting token message214 to the merchant through the landline.

FIG. 4 illustrates an example configuration of a server system 400, suchas one of servers 129 of interchange network 128 or token server 144(shown in FIG. 1). In the example embodiment, server system 400 includesat least one server computing device 401, in electronic communicationwith at least one storage device 434. In the exemplary embodiment,server computing device 401 includes a processor 405 for executinginstructions (not shown) stored in a memory area 410. In an embodiment,processor 405 may include one or more processing units (e.g., in amulti-core configuration) for executing instructions. The instructionsmay be executed within various different operating systems on the serversystem 400, such as UNIX®, LINUX® (LINUX is a registered trademark ofLinus Torvalds), Microsoft Windows®, etc. More specifically, theinstructions may cause various data manipulations on data stored instorage device 434 (e.g., create, read, update, and delete procedures).It should also be appreciated that upon initiation of a computer-basedmethod, various instructions may be executed during initialization. Someoperations may be required in order to perform one or more processesdescribed herein, while other operations may be more general and/orspecific to a particular programming language (e.g., C, C#, C++, Java,or other suitable programming languages, etc.).

In the example embodiment, processor 405 is operatively coupled to acommunication interface 415 such that server system 400 is capable ofcommunicating with a remote device such as a user system or anotherserver system 400. For example, communication interface 415 may receiverequests from client system 300 (FIG. 3) via the Internet, within thescope of the embodiment illustrated in FIG. 4.

In the example embodiment, processor 405 is also operatively coupled toa storage device 434, which may be, for example, any computer-operatedhardware unit suitable for storing and/or retrieving data. In someembodiments, storage device 434 is integrated in server system 400. Forexample, server system 400 may include one or more hard disk drives asstorage device 434. In certain embodiments, storage device 434 isexternal to server system 400 and is used to implement database 142(shown in FIG. 1). For example, server system 400 may include one ormore hard disk drives as storage device 434. In other embodiments,storage device 434 is external to server system 400 and may be accessedby a plurality of server systems 400. For example, storage device 434may include multiple storage units such as hard disks or solid statedisks in a redundant array of inexpensive disks (RAID) configuration.Storage device 434 may include a storage area network (SAN) and/or anetwork attached storage (NAS) system.

In some embodiments, processor 405 is operatively coupled to storagedevice 434 via a storage interface 420. Storage interface 420 mayinclude, for example, a component capable of providing processor 405with access to storage device 434. In an exemplary embodiment, storageinterface 420 further includes one or more of an Advanced TechnologyAttachment (ATA) adapter, a Serial ATA (SATA) adapter, a Small ComputerSystem Interface (SCSI) adapter, a RAID controller, a SAN adapter, anetwork adapter, and/or any similarly capable component providingprocessor 405 with access to storage device 434.

Memory area 410 may include, but is not limited to, random-access memory(RAM) such as dynamic RAM (DRAM) or static RAM (SRAM), read-only memory(ROM), erasable programmable read-only memory (EPROM), electricallyerasable programmable read-only memory (EEPROM), non-volatile RAM(NVRAM), and magneto-resistive random-access memory (MRAM). The abovememory types are for example only, and are thus not limiting as to thetypes of memory usable for storage of a computer program.

FIG. 5 is a diagram 500 of components of one or more example computingdevices that may be used in system 100 shown in FIG. 1. In someembodiments, computing device 510 is used to implement TAE computingdevice 140 (shown in FIG. 1). Computing device 510 may include adatabase 520 and a data storage device 530. Database 520 may be coupledwith several separate components within computing device 510, whichperform specific tasks. In this embodiment, database 520 includesmerchant data 522. In some embodiments, database 520 is used toimplement database 142 (shown in FIG. 1).

Computing device 510 includes a communication component 540 forretrieving a token 212 associated with a PAN 220 of a user (e.g., user122 shown in FIG. 1) and receiving confirmation message 222 from apayment processor indicating a payment using PAN 220 was made inresponse to a merchant receiving token 212. Computing device 510 alsoincludes a decryption component 550 for receiving, through a landline(e.g., landline 138 shown in FIG. 1), from a merchant (e.g., merchant124 shown in FIG. 1) in response to transaction request (e.g., audiosignal 202) by the user, merchant identification message 204 including amerchant identifier, and extracting the merchant identifier frommerchant identification message 204. Computing device 510 also includesa comparing component 560 for querying database 520 of merchant data 522including a plurality of merchants and a plurality of merchantidentifiers, wherein each of the plurality of merchant identifierscorresponds to one of the plurality of merchants, and identifying, inresponse to the query, the merchant by matching the extracted merchantidentifier against the plurality of merchant identifiers in database520. Computing device 510 also includes an encryption component 570 forgenerating token message 214, transmittable through a landline andincluding token 212, and transmitting token message 214 to the merchantthrough the landline.

FIG. 6 is a flowchart illustrating an example method 600 for securelytransacting over a landline, which may be implemented utilizing paymentsystem 120 (shown in FIG. 1). More specifically, in some embodiments,method 600 may be implemented by a computing device, for example, TAEcomputing device 140 (shown in FIG. 1).

With reference also to FIG. 2, in the example embodiment, method 600includes receiving 602, through a land line, from a merchant in responseto a transaction request (e.g., audio signal 202) by a user, a merchantidentification message 204 including a merchant identifier. In someembodiments, method 600 further includes receiving 604 merchantidentification message 204 from a landline telephone device using awireless communications protocol. In certain such embodiments, thewireless communications protocol is a Bluetooth protocol.

In the example embodiment, method 600 further includes extracting 606the merchant identifier from merchant identification message 204. Insome embodiments, merchant identification message 204 is of at least oneof a frequency shift keying (FSK) protocol or a dual-tonemulti-frequency (DTMF) protocol.

In the example embodiment, method 600 further includes querying 608 adatabase of merchant data including a plurality of merchants and aplurality of merchant identifiers, wherein each of the plurality ofmerchant identifiers corresponds to one of the plurality of merchants.

In the example embodiment, method 600 further includes identifying 610,in response to the query 608, the merchant by matching the extractedmerchant identifier against the plurality of merchant identifiers in thedatabase. In some embodiments, method 600 further includes displaying612 a name of the identified merchant to the user.

In the example embodiment, method 600 further includes retrieving 614,in response to successfully identifying the merchant, a token 212associated with a primary account number PAN 220 of the user. Forexample, token 212 may be retrieved from a token server associated witha payment processor or third party.

In the example embodiment, method 600 further includes generating 616 atoken message 214 including token 212. Token message 214 istransmittable through the landline. In some embodiments, method 600further includes encrypting 618 token 212. In certain embodiments, tokenmessage 214 is of at least one of a frequency shift keying (FSK)protocol or a dual-tone multi-frequency (DTMF) protocol.

In the example embodiment, method 600 further includes transmitting 620token message 214 to the merchant through the landline. In someembodiments, method 600 further includes transmitting 622 token message214 to a landline telephone device using a wireless communicationsprotocol. In certain such embodiments, the wireless communicationsprotocol is a Bluetooth protocol.

In the example embodiment, method 600 further includes receiving 624,from a payment processor, a confirmation message 222 indicating apayment using PAN 220 was made in response to the merchant receivingtoken 212. In some embodiments, method 600 may further includedisplaying 626 confirmation message 222 to the user.

Having described aspects of the disclosure in detail, it will beapparent that modifications and variations are possible withoutdeparting from the scope of aspects of the disclosure as defined in theappended claims. As various changes could be made in the aboveconstructions, products, and methods without departing from the scope ofaspects of the disclosure, it is intended that all matter contained inthe above description and shown in the accompanying drawings shall beinterpreted as illustrative and not in a limiting sense.

While the disclosure has been described in terms of various specificembodiments, those skilled in the art will recognize that the disclosurecan be practiced with modification within the spirit and scope of theclaims.

As used herein, the term “non-transitory computer-readable media” isintended to be representative of any tangible computer-based deviceimplemented in any method or technology for short-term and long-termstorage of information, such as, computer-readable instructions, datastructures, program modules and sub-modules, or other data in anydevice. Therefore, the methods described herein may be encoded asexecutable instructions embodied in a tangible, non-transitory, computerreadable medium, including, without limitation, a storage device and/ora memory device. Such instructions, when executed by a processor, causethe processor to perform at least a portion of the methods describedherein. Moreover, as used herein, the term “non-transitorycomputer-readable media” includes all tangible, computer-readable media,including, without limitation, non-transitory computer storage devices,including, without limitation, volatile and nonvolatile media, andremovable and non-removable media such as a firmware, physical andvirtual storage, CD-ROMs, DVDs, and any other digital source such as anetwork or the Internet, as well as yet to be developed digital means,with the sole exception being a transitory, propagating signal.

As will be appreciated based on the foregoing specification, theabove-described embodiments of the disclosure may be implemented usingcomputer programming or engineering techniques including computersoftware, firmware, hardware or any combination or subset thereof,wherein the technical effect is a flexible system for various aspects offraud analysis of payment card transactions. Any such resulting program,having computer-readable code means, may be embodied or provided withinone or more computer-readable media, thereby making a computer programproduct, i.e., an article of manufacture, according to the discussedembodiments of the disclosure. The article of manufacture containing thecomputer code may be made and/or used by executing the code directlyfrom one medium, by copying the code from one medium to another medium,or by transmitting the code over a network.

In addition, although various elements of the TAE computing device aredescribed herein as including general processing and memory devices, itshould be understood that the TAE computing device is a specializedcomputer configured to perform the steps described herein for securelytransacting over a landline.

This written description uses examples to disclose the embodiments,including the best mode, and also to enable any person skilled in theart to practice the embodiments, including making and using any devicesor systems and performing any incorporated methods. The patentable scopeof the disclosure is defined by the claims, and may include otherexamples that occur to those skilled in the art. Such other examples areintended to be within the scope of the claims if they have structuralelements that do not differ from the literal language of the claims, orif they include equivalent structural elements with insubstantiallocational differences from the literal language of the claims.

According to the advantageous systems and methods described herein, auser may verify in real time the identity of a merchant with whom theuser is speaking during a landline telephone call. Additionally, usermay make a card payment through a landline telephone call without theuser verbally reading the user's primary account number (PAN) during thecall.

What is claimed is:
 1. A computing device for securely transacting overa landline, the computing device comprising at least one processor and amemory device in communication with the at least one processor, the atleast one processor configured to: receive, through a landline, from amerchant in response to a transaction request by a user, a merchantidentification message including a merchant identifier; extract themerchant identifier from the merchant identification message; query adatabase of merchant data including a plurality of merchants and aplurality of merchant identifiers, wherein each of the plurality ofmerchant identifiers corresponds to one of the plurality of merchants;identify, in response to the query, the merchant by matching theextracted merchant identifier against the plurality of merchantidentifiers in the database; retrieve, in response to successfullyidentifying the merchant, a token associated with a primary accountnumber (PAN) of the user; generate a token message including the token,the token message transmittable through the landline; transmit the tokenmessage to the merchant through the landline; and receive, from apayment processor, a confirmation message indicating a payment using thePAN was made in response to the merchant receiving the token.
 2. Thecomputing device of claim 1, wherein to receive the merchantidentification message from the merchant, the processor is furtherconfigured to receive the merchant identification message from alandline telephone device using a wireless communications protocol. 3.The computing device of claim 2, wherein the wireless communicationsprotocol is a Bluetooth protocol.
 4. The computing device of claim 1,wherein the merchant identification message is of at least one of afrequency shift keying (FSK) protocol or a dual-tone multi-frequency(DTMF) protocol.
 5. The computing device of claim 1, wherein theprocessor is further configured to display a name of the identifiedmerchant to the user.
 6. The computing device of claim 1, wherein togenerate the token message, the processor is configured to encrypt thetoken.
 7. The computing device of claim 1, wherein the token message isof at least one of a frequency shift keying (FSK) protocol or adual-tone multi-frequency (DTMF) protocol.
 8. The computing device ofclaim 1, wherein to transmit the token message to the merchant, theprocessor is further configured to transmit the token message to alandline telephone device using a wireless communications protocol. 9.The computing device of claim 8, wherein the wireless communicationsprotocol is a Bluetooth protocol.
 10. The computing device of claim 1,wherein the processor is further configured to display the confirmationmessage to the user.
 11. A computer-implemented method for securelytransacting over a landline, said computer-implemented methodimplemented by a tokenization, analysis, and encryption (TAE) computingdevice including at least one processor in communication with a memorydevice, said computer-implemented method comprising: receiving, by theTAE computing device, through a landline, from a merchant in response toa transaction request by a user, a merchant identification messageincluding a merchant identifier; extracting, by the TAE computingdevice, the merchant identifier from the merchant identificationmessage; querying, by the TAE computing device, a database of merchantdata including a plurality of merchants and a plurality of merchantidentifiers, wherein each of the plurality of merchant identifierscorresponds to one of the plurality of merchants; identifying, by theTAE computing device, in response to the query, the merchant by matchingthe extracted merchant identifier against the plurality of merchantidentifiers in the database; retrieving, by the TAE computing device, inresponse to successfully identifying the merchant, a token associatedwith a primary account number (PAN) of the user; generating, by the TAEcomputing device, a token message including the token, the token messagetransmittable through the landline; transmitting, by the TAE computingdevice, the token message to the merchant through the landline; andreceiving, by the TAE computing device, from a payment processor, aconfirmation message indicating a payment using the PAN was made inresponse to the merchant receiving the token.
 12. Thecomputer-implemented method of claim 11, wherein receiving the merchantidentification message from the merchant comprises receiving, by the TAEcomputing device, the merchant identification message from a landlinetelephone device using a wireless communications protocol.
 13. Thecomputer-implemented method of claim 11 further comprising displaying,by the TAE computing device, a name of the identified merchant to theuser.
 14. The computer-implemented method of claim 11, whereingenerating the token message comprises encrypting, by the TAE computingdevice, the token.
 15. The computer-implemented method of claim 11,wherein transmitting the token message to the merchant comprisestransmitting, by the TAE computing device, the token message to alandline telephone device using a wireless communications protocol. 16.The computer-implemented method of claim 11 further comprisingdisplaying, by the TAE computing device, the confirmation message to theuser.
 17. A non-transitory computer-readable media havingcomputer-readable instructions embodied thereon, wherein when executedby a tokenization, analysis, and encryption (TAE) computing deviceincluding at least one processor in communication with a memory device,the computer-readable instructions cause the TAE computing device to:receive, through a landline, from a merchant in response to atransaction request by a user, a merchant identification messageincluding a merchant identifier; extract the merchant identifier fromthe merchant identification message; query a database of merchant dataincluding a plurality of merchants and a plurality of merchantidentifiers, wherein each of the plurality of merchant identifierscorresponds to one of the plurality of merchants; identify, in responseto the query, the merchant by matching the extracted merchant identifieragainst the plurality of merchant identifiers in the database; retrieve,in response to successfully identifying the merchant, a token associatedwith a primary account number (PAN) of the user; generate a tokenmessage including the token, the token message transmittable through thelandline; transmit the token message to the merchant through thelandline; and receive, from a payment processor, a confirmation messageindicating a payment using the PAN was made in response to the merchantreceiving the token.
 18. The non-transitory computer-readable media ofclaim 17, wherein the merchant identification message is of at least oneof a frequency shift keying (FSK) protocol or a dual-tonemulti-frequency (DTMF) protocol.
 19. The non-transitorycomputer-readable media of claim 17, wherein to generate the tokenmessage, the computer-readable instructions cause the TAE computingdevice to encrypt the token.
 20. The non-transitory computer-readablemedia of claim 17, wherein the token message is of at least one of afrequency shift keying (FSK) protocol or a dual-tone multi-frequency(DTMF) protocol.